How To Set Up Kojoney SSH Honeypot On CentOS 5.5

Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries. In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource of value to attackers. This tutorial shows how you can compile and install updated version of Kojoney on CentOS 5.5 server.

How To Defend slowloris DDoS With mod_qos (Apache2 On Debian [Lenny])

mod_qos gives some fine-grained opportunities to scale the number of used connections and to defend an attack according to bandwidth limits. Unfortunately it is only available as source-package and there are many possible settings, wich might be hard to setup for this special case. So I provide the way that helped me.

Temporarily unavailable

Prevent Phishing with Mutual Authentication

Phishing is a man-in-the-middle attack. While many people think using time-bound, one-time passwords will solve the problem, they are wrong as attacks will just become automated. What is required is strong mutual authentication - authentication of the host to the user as well as the user to the host. This article demonstrates how to do that using open-source software from WiKID.

Custom Boot Menu for Windows XP 

One of the first things that I do upon receiving a new windows computer is create my own custom boot menu that shows up every time I boot my machine. This is especially handy when you suspect a virus; you can reboot into safe mode and scan for it.

Secure your SSH deployment with WiKID two-factor authentication

In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution. The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution.

How to configure OpenVPN to use WiKID Strong Authentication 

The WiKID Strong Authentication System  is a commercial/open source two-factor authentication solution.  This guide demonstrates how to OpenVPN and SSH to use one-time passwords from WiKID.  While both solutions support private key authentication, that may not be sufficient for your requirements; you may need one-time passwords for webmail or extranet access; or centralized authentication management and logging.

Either with chkrootkit or with rkhunter.

chkrootkit

Either install the package that comes with your distribution (on Debian you would run

apt-get install chkrootkit

), or download the sources from www.chkrootkit.org and install manually:

wget --passive-ftp ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
tar xvfz chkrootkit.tar.gz
cd chkrootkit-<version>/
make sense

Afterwards, you can move the chkrootkit directory somewhere else, e.g. /usr/local/chkrootkit: